AI Threat Alert AI Threat Alert

CVE-2026-7141

MEDIUM
Published April 27, 2026

A vulnerability was found in vllm up to 0.19.0. The affected element is the function has_mamba_layers of the file vllm/v1/kv_cache_interface.py of the component KV Block Handler. Performing a manipulation results in uninitialized resource. It is possible to initiate the attack remotely. The attack...

Full CISO analysis pending enrichment.

Severity & Risk

CVSS 3.1
5.6 / 10
EPSS
N/A
Exploitation Status
No known exploitation
Sophistication
N/A

Attack Surface

AV AC PR UI S C I A
AV Network
AC High
PR None
UI None
S Unchanged
C Low
I Low
A Low

Recommended Action

No patch available

Monitor for updates. Consider compensating controls or temporary mitigations.

Compliance Impact

Compliance analysis pending. Sign in for full compliance mapping when available.

Frequently Asked Questions

What is CVE-2026-7141?

A vulnerability was found in vllm up to 0.19.0. The affected element is the function has_mamba_layers of the file vllm/v1/kv_cache_interface.py of the component KV Block Handler. Performing a manipulation results in uninitialized resource. It is possible to initiate the attack remotely. The attack is considered to have high complexity. The exploitability is described as difficult. The exploit has been made public and could be used. The patch is named 1ad67864c0c20f167929e64c875f5c28e1aad9fd. To

Is CVE-2026-7141 actively exploited?

No confirmed active exploitation of CVE-2026-7141 has been reported, but organizations should still patch proactively.

How to fix CVE-2026-7141?

No patch is currently available. Monitor vendor advisories for updates.

What is the CVSS score for CVE-2026-7141?

CVE-2026-7141 has a CVSS v3.1 base score of 5.6 (MEDIUM).

Technical Details

NVD Description

A vulnerability was found in vllm up to 0.19.0. The affected element is the function has_mamba_layers of the file vllm/v1/kv_cache_interface.py of the component KV Block Handler. Performing a manipulation results in uninitialized resource. It is possible to initiate the attack remotely. The attack is considered to have high complexity. The exploitability is described as difficult. The exploit has been made public and could be used. The patch is named 1ad67864c0c20f167929e64c875f5c28e1aad9fd. To fix this issue, it is recommended to deploy a patch.

Weaknesses (CWE)

CWE-908 Primary

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

References

Timeline

Published
April 27, 2026
Last Modified
April 27, 2026
First Seen
April 27, 2026
Back to Threat Feed